Dyre Trojan Becoming More Sophisticated - Symantec

Symantec, a security firm, recently released a report revealing that the cybercriminals running the Dyre banking Trojan have built an impressive infrastructure of hundreds of servers, each assigned tasks designed to maintain and expand the malware's activity.

Dyre's money-stealing activity follows a popular pattern: the web browser is hijacked to monitor web sessions, and the victim is then redirected to fake websites, or the content of web pages is changed on the fly, to collect the victim's banking login credentials.

Unlike other malware of its kind, Dyre has moved to a superior level, with 285 command and control (C&C) servers and 44 other machines that deliver plug-ins and additional payloads or execute man-in-the-browser (MitB) attacks.

Cybercriminals have organized C&C machines in such a manner that permits only two IP addresses to be activated at the same time for command and control tasks and dispatching modules.

Computerworld.in published news on 25th June, 2015 quoting Symantec as saying: "Financial institutions in the US and UK are the most targeted but India is not far behind which ranks sixth globally and second in Asia."

Symantec added: "The malware also attacks users of electronic payment services and HR-related websites along with financial institutions. It is a multi-pronged threat and is frequently used to download additional malware into the computer of the victim. In several instances, the victim is added to a botnet that is then employed to send thousands of spam emails in trying to distribute the threat further in the field."

Dyre Trojan has distributed other threats which are identified as: Trojan.Spadoluk, Trojan.Spadyra, Infostealer.Kegotip, Trojan.Pandex.B, Trojan.Doscor, Trojan.Fareit, Trojan.Fitobrute.

Symantec said that it has observed the attackers' activity and found that they stick to a five-day working week in the UTC+2 or UTC+3 time zone, which indicates that they operate out of eastern Europe or Russia.

The security firm highlights some simple tips to minimize the chance of being infected with Dyre. These include: Always keep your security software, operating system and other software updated to protect yourself from any new versions of this malware. Updates of software will often include patches for newly discovered security vulnerabilities which could be exploited by attackers.

» SPAMfighter News - 7/1/2015
